<?php
    require('common.php');
        
    $db = new Database();
    $user = getUser($db);
    
    // Error check
    if($user['group'] < 2) {
        redirect('index.php');
        exit();
    }
    checkCsrfGuard();
    if(!isset($_POST['name']))
        throw new Exception('Bad request.');
    
    // Check that there isn't another block with the same name
    $result = $db->query('SELECT id FROM '.
        config('DB_PREFIX').'blocks WHERE name='.
        $db->escape($_POST['name']));
    if(mysqli_num_rows($result) > 0) {
        message(LANG('BLOCK_NAME_TAKEN'), 
            'javascript: history.go(-1);',
            lang('BACK_TO_BLOCKS'));
        exit();
    }
    
    // Create the block
    $db->query('INSERT INTO '.config('DB_PREFIX').'blocks '.
        '(name, created) VALUES ('.
        $db->escape($_POST['name']).', '.time().')');
    
    // Success
    redirect('blocks.php');
?>